CVE-2018-15773

EUVD-2018-7636
Dell Encryption (formerly Dell Data Protection | Encryption) v10.1.0 and earlier contain an information disclosure vulnerability. A malicious user with physical access to the machine could potentially exploit this vulnerability to access the unencrypted RegBack folder that contains back-ups of sensitive system files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
PHYSICAL
LOW
LOW
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Affected Products (NVD)
VendorProductVersion
delldata_protection_\|_encryption
𝑥
≤ 10.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/article/us/en/04/sln314963/dell-encryption-enterprise-dell-data-protection-encryption-information-disclosure-vulnerability?lang=en
https://www.dell.com/support/article/us/en/04/sln314963/dell-encryption-enterprise-dell-data-protection-encryption-information-disclosure-vulnerability?lang=en